VYPR
Vendor

Dogtag Pki

Products
2
CVEs
2
Across products
3
Status
Private

Products

2

Recent CVEs

2
  • CVE-2023-4727HigJun 11, 2024
    risk 0.42cvss 7.5epss 0.01

    A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to…

  • CVE-2020-15720MedJul 14, 2020
    risk 0.00cvss 6.8epss 0.01

    In Dogtag PKI through 10.8.3, the pki.client.PKIConnection class did not enable python-requests certificate validation. Since the verify parameter was hard-coded in all request functions, it was not possible to override the setting. As a result, tools making use of this class,…